- Key concepts
- Automation: The use of software to create repeatable instructions and processes to replace or reduce human interaction with IT systems
- Cloud Governance: The people, process, and technology associated with your cloud infrastructure, security, and operations. It involves a framework with a set of policies and standard practices
- Infrastructure as Code: The process of managing and provisioning computer resources through human and machine-readable definition files, rather than physical hardware configuration or interactive configuration tools like the AWS console
- IT Audit: The examination and evaluation of an organization’s information technology infrastructure, policies and operations
- CloudFormation is a AWS service for create infrastructure as code.
- it’s a yaml file
How to start with CloudFormation
- Services -> CloudFormation
- Create stack “With new resources (standard)”
- Template is ready
- Upload a template file
- Click “Choose file” button
- Select provided YAML file
CloudFormation Template sections
- Format version
Each AWS Account has its own AWS Identity & Access Management (IAM) Service.
If you know Azure
On Microsoft Azure, we have a Subscription. The AWS Account can be equivalent to the Azure Subscription. With a difference. Each AWS Account can have its own IAM Users but in Azure, we have a central IAM Service, called Azure Active Directory (AAD).
Each above-called service is a huge topic but we don’t do a deep dive right now.
The AWS IAM User can be used
- Only for CLI purposes. This user can’t log in to the AWS Portal.
- Only for working with the AWS Portal. This user can’t be used for CLI.
- Both purposes. This user can be used to log in to the AWS Portal and CLI.
The first question is why do we need a Pipeline User?
- Automated deployment (CI/CD) pipeline and prevent manual or per-click deployment.
- We can only grant the pipeline user for some specific permissions and audit the logs of this user.
This user can work with AWS Services only via CLI. Therefore it has an Access Key ID and a Key Secret.
If you know Azure
It’s used like a Service Principal, that you have a client-id and client-secret.
Description and video come soon
You owe your dreams your courage.